authlogic 2.0.3 → 2.0.4

data/CHANGELOG.rdoc

@@ -1,3 +1,9 @@
+== 2.0.4 released 2009-3-28
+
+* Added validates_uniqueness_of_login_field_options and validates_uniqueness_of_email_field_options configuration options
+* Add in checks to make sure session_class is not nil.
+* Cleaned up TestCase some more and added functionality to log users in during functional tests.
+
 == 2.0.3 released 2009-3-26
 
 * Fixed error where default session class does not exist.

data/Manifest.txt

@@ -55,6 +55,7 @@ lib/authlogic/session/timeout.rb
 lib/authlogic/session/unauthorized_record.rb
 lib/authlogic/session/validation.rb
 lib/authlogic/test_case.rb
+lib/authlogic/test_case/controller_adapter.rb
 lib/authlogic/test_case/mock_controller.rb
 lib/authlogic/test_case/mock_cookie_jar.rb
 lib/authlogic/test_case/mock_request.rb

data/README.rdoc

@@ -63,7 +63,7 @@ These modules are for the acts_as_authentic method you call in your model. It co
 These modules are for the "session side" of authentication. They create a new domain for session logic, allowing you to create, destroy, and ultimately manage your sessions.
 
 * Authlogic::Session::BruteForceProtection - Disables accounts after a certain number of consecutive failed logins attempted.
-* Authlogic::Session::Callbacks - Your tools to extend, change, or add onto Authlogic. Lets you hook in and do just about anything you want.
+* Authlogic::Session::Callbacks - Your tools to extend, change, or add onto Authlogic. Lets you hook in and do just about anything you want. Start here if you want to write a plugin or add on for Authlogic
 * Authlogic::Session::Cookies - Authentication via cookies.
 * Authlogic::Session::Existence - Creating, saving, and destroying objects.
 * Authlogic::Session::HttpAuth - Authentication via basic HTTP authentication.
@@ -85,7 +85,8 @@ Miscellaneous modules that don't really belong solely to either the session or m
 * Authlogic::AuthenticatesMany - Responsible for allowing you to scope sessions to a parent record. Similar to a has_many and belongs_to relationship. This lets you do the same thing with sessions.
 * Authlogic::CryptoProviders - Contains various encryption algorithms that Authlogic uses, allowing you to choose your encryption method.
 * Authlogic::I18n - Acts JUST LIKE the rails I18n library, and provides internationalization to Authlogic.
-* Authlogic::Testing - Various helper methods for testing frameworks to help you test your code.
+* Authlogic::Random - A simple class to generate random tokens.
+* Authlogic::TestCase - Various helper methods for testing frameworks to help you test your code.
 * Authlogic::Version - A handy class for determine the version of Authlogic in a number of ways.
 
 == Quick example
@@ -183,9 +184,9 @@ This will create a file that looks similar to:
 The user model should have the following columns. The names of these columns can be changed with configuration. Better yet, Authlogic tries to guess these names by checking for the existence of common names. See the sub modules of Authlogic::Session for more details, but chances are you won't have to specify any configuration for your field names, even if they aren't the same names as below.
 
     t.string    :login,               :null => false                # optional, you can use email instead, or both
-    t.string    :crypted_password,    :null => false
+    t.string    :crypted_password,    :null => false                # required
     t.string    :password_salt,       :null => false                # optional, but highly recommended
-    t.string    :persistence_token,   :null => false
+    t.string    :persistence_token,   :null => false                # required
     t.string    :single_access_token, :null => false                # optional, see Authlogic::Session::Params
     t.string    :perishable_token,    :null => false                # optional, see Authlogic::Session::Perishability
     t.integer   :login_count,         :null => false, :default => 0 # optional, see Authlogic::Session::MagicColumns
@@ -220,7 +221,7 @@ Here are some common next steps. They might or might not apply to you. For a com
 6. Need to reset passwords or activate accounts? Use the perishable token. See Authlogic::ActsAsAuthentic::PerishableToken
 7. Need to give API access or access to a private feed? Use basic HTTP auth or authentication by params. See Authlogic::Session::HttpAuth or Authlogic::Session::Params
 8. Need to internationalize your app? See Authlogic::I18n
-9. Need help testing? See the Authlogic::Testing
+9. Need help testing? See the Authlogic::TestCase
 
 == Interested in how it works?
 

data/lib/authlogic/acts_as_authentic/email.rb

@@ -50,6 +50,15 @@ module Authlogic
         end
         alias_method :validates_format_of_email_field_options=, :validates_format_of_email_field_options
         
+        # A hash of options for the validates_uniqueness_of call for the email field. Allows you to change this however you want.
+        #
+        # * <tt>Default:</tt> {:scope => validations_scope, :if => "#{email_field}_changed?".to_sym}
+        # * <tt>Accepts:</tt> Hash of options accepted by validates_uniqueness_of
+        def validates_uniqueness_of_email_field_options(value = nil)
+          config(:validates_uniqueness_of_email_field_options, value, {:scope => validations_scope, :if => "#{email_field}_changed?".to_sym})
+        end
+        alias_method :validates_uniqueness_of_email_field_options=, :validates_uniqueness_of_email_field_options
+        
         private
           def email_regex
             return @email_regex if @email_regex
@@ -67,7 +76,7 @@ module Authlogic
             if validate_email_field && email_field
               validates_length_of email_field, validates_length_of_email_field_options
               validates_format_of email_field, validates_format_of_email_field_options
-              validates_uniqueness_of email_field, :scope => validations_scope, :if => "#{email_field}_changed?".to_sym
+              validates_uniqueness_of email_field, validates_uniqueness_of_email_field_options
             end
           end
         end

data/lib/authlogic/acts_as_authentic/login.rb

@@ -38,7 +38,7 @@ module Authlogic
         end
         alias_method :validates_length_of_login_field_options=, :validates_length_of_login_field_options
         
-        # A hash of options for the validates_format_of call for the email field. Allows you to change this however you want.
+        # A hash of options for the validates_format_of call for the login field. Allows you to change this however you want.
         #
         # * <tt>Default:</tt> {:with => /\A\w[\w\.\-_@ ]+\z/, :message => I18n.t('error_messages.login_invalid', :default => "should use only letters, numbers, spaces, and .-_@ please.")}
         # * <tt>Accepts:</tt> Hash of options accepted by validates_format_of
@@ -46,6 +46,15 @@ module Authlogic
           config(:validates_format_of_login_field_options, value, {:with => /\A\w[\w\.\-_@ ]+\z/, :message => I18n.t('error_messages.login_invalid', :default => "should use only letters, numbers, spaces, and .-_@ please.")})
         end
         alias_method :validates_format_of_login_field_options=, :validates_format_of_login_field_options
+        
+        # A hash of options for the validates_uniqueness_of call for the login field. Allows you to change this however you want.
+        #
+        # * <tt>Default:</tt> {:scope => validations_scope, :if => "#{login_field}_changed?".to_sym}
+        # * <tt>Accepts:</tt> Hash of options accepted by validates_uniqueness_of
+        def validates_uniqueness_of_login_field_options(value = nil)
+          config(:validates_uniqueness_of_login_field_options, value, {:scope => validations_scope, :if => "#{login_field}_changed?".to_sym})
+        end
+        alias_method :validates_uniqueness_of_login_field_options=, :validates_uniqueness_of_login_field_options
       end
       
       # All methods relating to the login field
@@ -55,7 +64,7 @@ module Authlogic
             if validate_login_field && login_field
               validates_length_of login_field, validates_length_of_login_field_options
               validates_format_of login_field, validates_format_of_login_field_options
-              validates_uniqueness_of login_field, :scope => validations_scope, :if => "#{login_field}_changed?".to_sym
+              validates_uniqueness_of login_field, validates_uniqueness_of_login_field_options
             end
           end
         end

data/lib/authlogic/acts_as_authentic/session_maintenance.rb

@@ -5,7 +5,7 @@ module Authlogic
     #
     # Just to clear up any confusion, Authlogic stores both the record id and the persistence token in the session.
     # Why? So stale sessions can not be persisted. It stores the id so it can quickly find the record, and the
-    # persistence token to ensure no sessions are stale. So if the persistence token changes, the user muct log
+    # persistence token to ensure no sessions are stale. So if the persistence token changes, the user must log
     # back in.
     #
     # Well, the persistence token changes with the password. What happens if the user changes his own password?
@@ -42,7 +42,7 @@ module Authlogic
         # * <tt>Default:</tt> "#{klass.name}Session".constantize
         # * <tt>Accepts:</tt> Class
         def session_class(value = nil)
-          const = "#{name}Session".constantize rescue nil
+          const = "#{base_class.name}Session".constantize rescue nil
           config(:session_class, value, const)
         end
         alias_method :session_class=, :session_class
@@ -74,7 +74,7 @@ module Authlogic
           end
           
           def update_sessions?
-            !skip_session_maintenance && session_class.activated? && !session_ids.blank? && persistence_token_changed?
+            !skip_session_maintenance && session_class && session_class.activated? && !session_ids.blank? && persistence_token_changed?
           end
           
           def get_session_information

data/lib/authlogic/session/activation.rb

@@ -29,6 +29,8 @@ module Authlogic
         # This accepts a controller object wrapped with the Authlogic controller adapter. The controller adapters close the gap
         # between the different controllers in each framework. That being said, Authlogic is expecting your object's class to
         # extend Authlogic::ControllerAdapters::AbstractAdapter. See Authlogic::ControllerAdapters for more info.
+        #
+        # Lastly, this is thread safe.
         def controller=(value)
           Thread.current[:authlogic_controller] = value
         end

data/lib/authlogic/session/active_record_trickery.rb

@@ -11,12 +11,19 @@ module Authlogic
       end
       
       module ClassMethods
+        # How to name the attributes of Authlogic, works JUST LIKE ActiveRecord, but instead it uses the following
+        # namespace:
+        #
+        #   authlogic.attributes.user_session.login
         def human_attribute_name(attribute_key_name, options = {})
           options[:count] ||= 1
           options[:default] ||= attribute_key_name.humanize
           I18n.t("attributes.#{name.underscore}.#{attribute_key_name}", options)
         end
         
+        # How to name the class, works JUST LIKE ActiveRecord, except it uses the following namespace:
+        #
+        #   authlogic.models.user_session
         def human_name(*args)
           I18n.t("models.#{name.underscore}", {:count => 1, :default => name.humanize})
         end
@@ -33,6 +40,7 @@ module Authlogic
       end
       
       module InstanceMethods
+        # Don't use this yourself, this is to just trick some of the helpers since this is the method it calls.
         def new_record?
           new_session?
         end

data/lib/authlogic/session/callbacks.rb

@@ -1,12 +1,11 @@
 module Authlogic
   module Session
     # Between these callsbacks and the configuration, this is the contract between me and you to safely
-    # modify Authlogic's behavior. The ONLY reason these things will change is during a big version upgrade.
-    # For example, going from v1.X.X to 2.0.0.
+    # modify Authlogic's behavior. I will do everything I can to make sure these do not change.
     #
     # Check out the sub modules of Authlogic::Session. They are very concise, clear, and to the point. More
     # importantly they use the same API that you would use to extend Authlogic. That being said, they are great
-    # examples of how to extend Authlogic and add / modify behavior. These modules could easily be pulled out
+    # examples of how to extend Authlogic and add / modify behavior to Authlogic. These modules could easily be pulled out
     # into their own plugin and become an "add on" without any change.
     #
     # Now to the point of this module. Just like in ActiveRecord you have before_save, before_validation, etc.

data/lib/authlogic/session/cookies.rb

@@ -1,6 +1,6 @@
 module Authlogic
   module Session
-    # Handles all authentication that deals with cookies, such as persisting a session and saving / destroying a session.
+    # Handles all authentication that deals with cookies, such as persisting, saving, and destroying.
     module Cookies
       def self.included(klass)
         klass.class_eval do
@@ -50,7 +50,8 @@ module Authlogic
       end
       
       # The methods available for an Authlogic::Session::Base object that make up the cookie feature set.
-      module InstanceMethods  
+      module InstanceMethods
+        # Allows you to set the remember_me option when passing credentials.
         def credentials=(value)
           super
           values = value.is_a?(Array) ? value : [value]
@@ -63,7 +64,8 @@ module Authlogic
           end
         end
         
-        def remember_me # :nodoc:
+        # Is the cookie going to expire after the session is over, or will it stick around?
+        def remember_me
           return @remember_me if defined?(@remember_me)
           @remember_me = self.class.remember_me
         end
@@ -73,7 +75,7 @@ module Authlogic
           @remember_me = value
         end
       
-        # Allows users to be remembered via a cookie.
+        # See remember_me
         def remember_me?
           remember_me == true || remember_me == "true" || remember_me == "1"
         end

data/lib/authlogic/session/existence.rb

@@ -20,7 +20,7 @@ module Authlogic
         # A convenince method. The same as:
         #
         #   session = UserSession.new(*args)
-        #   session.create
+        #   session.save
         #
         # Instead you can do:
         #
@@ -49,7 +49,8 @@ module Authlogic
           true
         end
         
-        # Returns true if the session has not been saved yet.
+        # Returns true if the session is new, meaning no action has been taken on it and a successful save
+        # has not taken place.
         def new_session?
           new_session != false
         end

data/lib/authlogic/session/validation.rb

@@ -10,7 +10,7 @@ module Authlogic
       #     private
       #       def check_if_awesome
       #         errors.add(:login, "must contain awesome") if login && !login.include?("awesome")
-      #         errors.add_to_base("You must be awesome to log in") unless record.awesome?
+      #         errors.add_to_base("You must be awesome to log in") unless attempted_record.awesome?
       #       end
       #   end
       class Errors < ::ActiveRecord::Errors
@@ -39,7 +39,7 @@ module Authlogic
       #    private
       #      def check_if_awesome
       #        errors.add(:login, "must contain awesome") if login && !login.include?("awesome")
-      #        errors.add_to_base("You must be awesome to log in") unless record.awesome?
+      #        errors.add_to_base("You must be awesome to log in") unless attempted_record.awesome?
       #      end
       #  end
       def errors

data/lib/authlogic/test_case.rb

@@ -1,3 +1,4 @@
+require "authlogic/test_case/controller_adapter"
 require "authlogic/test_case/mock_cookie_jar"
 require "authlogic/test_case/mock_request"
 require "authlogic/test_case/mock_controller"
@@ -8,16 +9,23 @@ module Authlogic
   #
   # Some important things to keep in mind when testing:
   #
-  # Authlogic requires a "connection" to your controller. In the same manner that ActiveRecord requires a connection to
+  # Authlogic requires a "connection" to your controller to activate it. In the same manner that ActiveRecord requires a connection to
   # your database. It can't do anything until it gets connnected. That being said, Authlogic will raise an
   # Authlogic::Session::Activation::NotActivatedError any time you try to instantiate an object without a "connection".
-  # So before you do anything with Authlogic, you need to connect it. Let's walk through how to do this in tests:
+  # So before you do anything with Authlogic, you need to activate / connect Authlogic. Let's walk through how to do this in tests:
   #
   # === Functional tests
   #
-  # You shouldn't have to do anything. Authlogic automatically sets a before_filter in your ApplicationController that
-  # conntects Authlogic to the controller. So as soon as you make a request in your tests, it will connect Authlogic
-  # for you.
+  # Activating Authlogic isn't a problem here, because making a request will activate Authlogic for you. The problem is
+  # logging users in so they can access restricted areas. Solvin this is simple, just do this:
+  #
+  #   setup :activate_authlogic
+  #
+  # Now log users in using Authlogic:
+  #
+  #   UserSession.create(users(:whomever))
+  #
+  # Do this before you make your request and it will act as if that user is logged in.
   #
   # === Integration tests
   #
@@ -26,22 +34,24 @@ module Authlogic
   #
   # === Unit tests
   #
-  # Now here is the tricky part of testing. Since there really is no controller here you need to "fake" Authlogic into
-  # thinking there is. Don't worry, because the Authlogic::TestCase takes care of this for you. Just do the following
+  # The only time you need to do any trickiness here is if you want to test Authlogic yourself. Maybe you added some custom
+  # code or methods in your Session class. Maybe you are writing a plugin or a library that extends Authlogic. Whatever it is
+  # you need to make sure your code is tested and working properly.
+  #
+  # That being said, in this environment there is no controller. So you need to "fake" Authlogic into
+  # thinking there is. Don't worry, because the this module takes care of this for you. Just do the following
   # in your test's setup and you are good to go:
   #
   #   setup :activate_authlogic
   #
-  # activate_authlogic is a method provided to you by this TestCase module.
-  #
-  # You can even test off of this controller to make sure everything is good. For example:
+  # You also get a controller method that you can test off of. For example:
   #
   #   ben = users(:ben)
   #   assert_nil controller.session["user_credentials"]
   #   assert UserSession.create(ben)
   #   assert_equal controller.session["user_credentials"], ben.persistence_token
   #
-  # You also get the "controller" method to use in your tests as well. Now you have everything you need to properly test in unit tests.
+  # That's it.
   #
   # === How to use
   #
@@ -49,12 +59,15 @@ module Authlogic
   #
   #   require "authlogic/test_case"
   module TestCase
-    # Activates authlogic with an Authlogic::TestCase::MockController object.
+    # Activates authlogic so that you can use it in your tests. You should call this method in your test's setup. Ex:
+    #
+    #   setup :activate_authlogic
     def activate_authlogic
-      Authlogic::Session::Base.controller = controller
+      Authlogic::Session::Base.controller = (@request && Authlogic::TestCase::ControllerAdapter.new(@request)) || controller
     end
     
-    # The Authlogic::TestCase::MockController object passed to Authlogic to activate it.
+    # The Authlogic::TestCase::MockController object passed to Authlogic to activate it. You can access this in your test.
+    # See the module description for an example.
     def controller
       @controller ||= Authlogic::TestCase::MockController.new
     end

data/lib/authlogic/test_case/controller_adapter.rb

@@ -0,0 +1,31 @@
+module Authlogic
+  module TestCase
+    # Adapts authlogic to work with the @request object when testing. This way Authlogic can set cookies and what not before
+    # a request is made, ultimately letting you log in users in functional tests.
+    class ControllerAdapter < ControllerAdapters::AbstractAdapter
+      def authenticate_with_http_basic(&block)
+        controller.authenticate_with_http_basic(&block)
+      end
+      
+      def cookies
+        new_cookies = {}
+        super.each do |key, value|
+          new_cookies[key] = value[:value]
+        end
+        new_cookies
+      end
+      
+      def cookie_domain
+        nil
+      end
+      
+      def request
+        @request ||= MockRequest.new
+      end
+      
+      def request_content_type
+        request.format.to_s
+      end
+    end
+  end
+end

data/lib/authlogic/test_case/mock_controller.rb

@@ -1,5 +1,7 @@
 module Authlogic
   module TestCase
+    # Basically acts like a controller but doesn't do anything. Authlogic can interact with this, do it's thing and then you
+    # can look at the controller object to see if anything changed.
     class MockController < ControllerAdapters::AbstractAdapter
       attr_accessor :http_user, :http_password
       attr_writer :request_content_type

data/lib/authlogic/test_case/mock_cookie_jar.rb

@@ -1,6 +1,6 @@
 module Authlogic
   module TestCase
-    class MockCookieJar < Hash
+    class MockCookieJar < Hash # :nodoc:
       def [](key)
         hash = super
         hash && hash[:value]

data/lib/authlogic/test_case/mock_request.rb

@@ -1,6 +1,6 @@
 module Authlogic
   module TestCase
-    class MockRequest
+    class MockRequest # :nodoc:
       def remote_ip
         "1.1.1.1"
       end

data/lib/authlogic/version.rb

@@ -1,11 +1,8 @@
 module Authlogic # :nodoc:
-  # = Version
-  #
   # A class for describing the current version of a library. The version
   # consists of three parts: the +major+ number, the +minor+ number, and the
   # +tiny+ (or +patch+) number.
   class Version
-    
     include Comparable
   
     # A convenience method for instantiating a new Version instance with the
@@ -44,13 +41,11 @@ module Authlogic # :nodoc:
 
     MAJOR = 2
     MINOR = 0
-    TINY  = 3
+    TINY  = 4
 
     # The current version as a Version instance
     CURRENT = new(MAJOR, MINOR, TINY)
     # The current version as a String
     STRING = CURRENT.to_s
-    
   end
-  
 end

data/test/acts_as_authentic_test/email_test.rb

@@ -43,6 +43,16 @@ module ActsAsAuthenticTest
       assert_equal default, User.validates_format_of_email_field_options
     end
     
+    def test_validates_uniqueness_of_email_field_options_config
+      default = {:scope => Employee.validations_scope, :if => "#{Employee.email_field}_changed?".to_sym}
+      assert_equal default, Employee.validates_uniqueness_of_email_field_options
+      
+      Employee.validates_uniqueness_of_email_field_options = {:yes => "no"}
+      assert_equal({:yes => "no"}, Employee.validates_uniqueness_of_email_field_options)
+      Employee.validates_uniqueness_of_email_field_options default
+      assert_equal default, Employee.validates_uniqueness_of_email_field_options
+    end
+    
     def test_validates_length_of_email_field
       u = User.new
       u.email = "a@a.a"

data/test/acts_as_authentic_test/login_test.rb

@@ -43,6 +43,16 @@ module ActsAsAuthenticTest
       assert_equal default, User.validates_format_of_login_field_options
     end
     
+    def test_validates_uniqueness_of_login_field_options_config
+      default = {:scope => User.validations_scope, :if => "#{User.login_field}_changed?".to_sym}
+      assert_equal default, User.validates_uniqueness_of_login_field_options
+      
+      User.validates_uniqueness_of_login_field_options = {:yes => "no"}
+      assert_equal({:yes => "no"}, User.validates_uniqueness_of_login_field_options)
+      User.validates_uniqueness_of_login_field_options default
+      assert_equal default, User.validates_uniqueness_of_login_field_options
+    end
+    
     def test_validates_length_of_login_field
       u = User.new
       u.login = "a"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: authlogic
 version: !ruby/object:Gem::Version 
-  version: 2.0.3
+  version: 2.0.4
 platform: ruby
 authors: 
 - Ben Johnson of Binary Logic
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-03-26 00:00:00 -04:00
+date: 2009-03-28 00:00:00 -04:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -100,6 +100,7 @@ files:
 - lib/authlogic/session/unauthorized_record.rb
 - lib/authlogic/session/validation.rb
 - lib/authlogic/test_case.rb
+- lib/authlogic/test_case/controller_adapter.rb
 - lib/authlogic/test_case/mock_controller.rb
 - lib/authlogic/test_case/mock_cookie_jar.rb
 - lib/authlogic/test_case/mock_request.rb